VPN Setup with Azure
The following guide describes how to setup a secure VPN tunnel between Monogoto account and Azure.
1. Login to the Monogoto portal and go to Network.
2. Edit your data.mono network (EU zone) or "vpnus.mono" network (US zone).
3. Go to Routes and copy Gateway IP.
4. Login to your Azure account and create a new Virtual Network Gateway.
5. In the window that opens, please do the following changes:
Name the Virtual Network Gateway as you see fit.
Choose the Region your Virtual Network resides in.
Select VPN, Route-based, VpnGw1, Generation1 and select your Virtual Network.
Allocate a subnet address range for your Virtual Network Gateway on your Virtual Network.
6. For Public IP address, select reate new”and give it an appropriate name.
Leave other options as default and click Next if you wish to tag your Virtual Network Gateway or Review + create to skip tagging. Note that Virtual Network Gateway can take a while to deploy.
7. Create a new Local network gateway.
8. Choose the appropriate Resource group & Region, name the Local network gateway to your liking, and for IP address enter the Monogoto Gateway IP we copied earlier.
9. In a new tab, go to the Monogoto Network we used earlier, and copy the CIDR range under Ip Address / Mask in Address Pools.
10. Go back to the Create local network gateway tab and paste the CIDR range we copied in the Address space field, then click Review + Create and finally reate”
11. Next, go to the Virtual network gateway we created earlier and copy the Public IP address.
12. Go back to the Monogoto Network page, and under VPN click Add new.
13. Name the VPN connection as you’d like.
Paste the Virtual network gateway’s public IP address we copied earlier in the Destination IP Address field.
In Destination Network, paste the Azure Virtual Network address range you would like to be able to access the VPN.
14. Click Save & Close and then pply Settings”
15. Once the VPN is created, click the download configuration button and copy the Pre-Shared Key from the downloaded file.
16. On Azure, go to the Virtual Network Gateway we created earlier and click on Connections, then click Add.
17. Name your connection as you’d like.
Under Connection type select Site-to-site (IPsec).
Click Local network gateway and select the Local network gateway we created earlier.
Paste the Pre-Shared Key you copied from the downloaded configuration file.
Important! If you’re planning to use Policy-Based VPN, select IKEv2, otherwise select IKEv1. Leave all other options as default and click OK
18. (OPTIONAL) If you prefer to use policy-based connections, click configuration in the connection we just created, change IPsec / IKE policy to Custom and make sure the settings are identical to the following screenshot:
19. Create/change any firewall rules you need to allow traffic between your Virtual Network and the Monogoto Address Pool.
20. That’s it, your VPN connection should be up and connected.
Last updated